Linux setup steps/Install NTP daemon to keep the time current

From Nick Jenkins

Jump to: navigation, search

Install NTP daemon to keep the time current: 

aptitude install ntp ntp-doc

Then 

nano /etc/ntp.conf

... and set up as follows: 

# /etc/ntp.conf, configuration for ntpd

driftfile /var/lib/ntp/ntp.drift
statsdir /var/log/ntpstats/

statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable

# deny-by-default policy
restrict default ignore

# You do need to talk to an NTP server or two (or three).
server clock.psu.edu       iburst
server ntp0.cornell.edu    iburst
server ntp0.nl.net         iburst
server ntp2a.mcc.ac.uk     iburst
server salmon.maths.tcd.ie iburst

# Have to grant access to the above servers - however the servers are not allowed
# to modify the run-time configuration or query the NTP server.
restrict clock.psu.edu       nomodify nopeer notrap noquery
restrict ntp0.cornell.edu    nomodify nopeer notrap noquery
restrict ntp0.nl.net         nomodify nopeer notrap noquery
restrict ntp2a.mcc.ac.uk     nomodify nopeer notrap noquery
restrict salmon.maths.tcd.ie nomodify nopeer notrap noquery

# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1           nomodify nopeer notrap

Then restart with: 

/etc/init.d/ntp restart

Check that there were no errors in the system log with: 

tail -f /var/log/syslog

Should get output like this: 

Jul  7 17:17:31 ludo ntpd[3473]: ntpd 4.2.2p4@1.1585-o Sun Mar  4 13:21:35 UTC 2007 (1)
Jul  7 17:17:31 ludo ntpd[3474]: precision = 2.000 usec
Jul  7 17:17:31 ludo modprobe: WARNING: Not loading blacklisted module ipv6
Jul  7 17:17:31 ludo ntpd[3474]: Listening on interface wildcard, 0.0.0.0#123 Disabled
Jul  7 17:17:31 ludo ntpd[3474]: Listening on interface lo, 127.0.0.1#123 Enabled
Jul  7 17:17:31 ludo ntpd[3474]: Listening on interface eth0, 192.168.0.5#123 Enabled
Jul  7 17:17:31 ludo ntpd[3474]: kernel time sync status 0040
Jul  7 17:17:31 ludo ntpd[3474]: frequency initialized -70.588 PPM from /var/lib/ntp/ntp.drift

Can then check if it is working with: 

ntpq -p

Should get output like this: 

     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*otc2.psu.edu    128.118.25.12    2 u    1   64    1  256.700   -0.417   1.318
 cudns.cit.corne 192.5.41.209     2 u    2   64    1  263.631   -4.051   0.580
 ntp0.nl.uu.net  .GPS.            1 u    1   64    1  350.644    0.044   1.723
 maverick.mcc.ac 193.62.22.98     2 u    2   64    1  325.238   -3.433   0.123
 salmon.maths.tc 134.226.1.114    3 u    1   64    1  335.144   -0.182   0.198

Can then check for open UDP connections, like so: 

netstat -l

Should get output which includes something like this: 

udp        0      0 ludo.yourhostname.c:ntp *:*
udp        0      0 localhost:ntp           *:*
udp        0      0 *:ntp                   *:*

(There does not seem to be any way to turn these udp connections off, which is why we use the deny-by-default policy)

Retrieved from "http://nickj.org/Linux_setup_steps/Install_NTP_daemon_to_keep_the_time_current"
Personal tools